To integrate with SharePoint, you need to create an Azure AD application that acts as a bridge between Zylon and SharePoint, and configure Zylon to use this Microsoft application. This guide walks you through integrating SharePoint with Zylon using Microsoft’s OAuth 2.0 flow via Azure Active Directory. This enables Zylon to securely access your SharePoint resources using delegated permissions.

Create an Azure AD app

First you need an Azure AD application. We recommend using a non-personal account to create it from the Microsoft Entra panel. This account does not need access to any items on SharePoint, but it must have the right permissions to set up the app that will serve as a bridge between Zylon and SharePoint.
  1. Go to https://entra.microsoft.com. On the left sidebar, click Applications → App Registrations → New Registration.
  2. Provide a meaningful name for the application.
  3. Under Supported Account types, choose Accounts in this organizational directory only.
  4. Under Redirect URI, select Web and add the following redirect URL:
https://{your-zylon-instance}.com/api/app/integration/sharepoint/callback
  5. Click Register.
  6. Click on Redirect URIs.
  7. Click on Add a platform.
  8. Click on Single-Page application.
  9. Add the following URL and click Configure:
https://{your-zylon-instance}.com
  10. Now that the app is created, note the Application (client) ID and Directory (tenant) ID from the Overview page.
  11. Create an application secret. Navigate to Certificates & secrets → click + New client secret → add a description and expiration date (if you choose a date that is coming up shortly, be aware that your integration will stop working when the secret expires). Copy the Client Secret value. The secret value will not be accessible later.
Now configure the API permissions the client application will have. Navigate to API Permissions → + Add a permission → Microsoft Graph → Delegated permissions, include the permissions below, then click Add permissions:
  • Files.Read.All
  • offline_access (listed under OpenId permissions)
  • SharePointTenantSettings.Read.All
  • Sites.Read.All
  • User.Read
Navigate to API Permissions → + Add a permission → SharePoint → Delegated permissions, include the permissions below, then click Add permissions:
  • AllSites.Read
  • EnterpriseResource.Read
  • MyFiles.Read
  • Project.Read
  • Sites.Search.All
  • User.Read.All
After adding both lists of permissions, click Grant admin consent for [Your Org] and confirm by clicking Yes.

Configure Zylon with your Azure AD app

With the values acquired in the previous steps, edit the Zylon config file located at /etc/zylon/zylon-conf.yaml. Add the following snippet to the bottom of the file:
integration:
  sharepoint:
    enabled: true
    clientId: ""      # From step 10 - Application (client) ID
    clientSecret: ""  # From step 11 - Secret value
    redirectUri: ""   # From step 4
    domain: ""        # Your SharePoint domain, e.g. https://zylonai.sharepoint.com
    tenantId: ""      # From step 10 - Directory (tenant) ID

And fill the properties with the values generated previously:
  • clientId → value generated on step 10
  • clientSecret → value generated on step 11
  • redirectUri → same value as step 4
  • domain → Your sharepoint url
  • tenantId → same value as step 10
Save and close the /etc/zylon/zylon-conf.yaml file. Finally, execute the following command to reset Zylon and update the config:
zylon-cli update
You are all set 🎉

Troubleshooting

I tried to upload files to the knowledge base but the Sharepoint button is greyed out

Clear the browser cache and try again.

When I click on Upload files -> From Sharepoint the log in is not working

  • Check that the clientId and clientSecret are copied correctly into the Zylon config file
  • Check that redirectUri is the same as in step 4 and that your SharePoint domain is correct
  • Check that the tenantId being used matches the one under the Overview page of your application on Azure AD
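
The checks above can be run against the integration.sharepoint block before executing zylon-cli update. This is an added example, not part of Zylon's tooling: it assumes the YAML has already been loaded into a dict (for instance with PyYAML), and the function name check_sharepoint_config and all sample values are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

GUID = re.compile(r"^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$")
CALLBACK_PATH = "/api/app/integration/sharepoint/callback"  # from the Redirect URI step

def check_sharepoint_config(conf):
    """Return a list of problems in the integration.sharepoint block (empty = OK)."""
    sp = (conf.get("integration") or {}).get("sharepoint") or {}
    problems = []
    if sp.get("enabled") is not True:
        problems.append("enabled is not true")
    for key in ("clientId", "tenantId"):
        if not GUID.match(str(sp.get(key) or "")):
            problems.append(f"{key} is not a GUID; copy it from the app's Overview page")
    secret = str(sp.get("clientSecret") or "")
    if not secret:
        problems.append("clientSecret is empty")
    elif GUID.match(secret):
        # Heuristic: the portal lists a GUID-shaped Secret ID beside the secret Value.
        problems.append("clientSecret looks like the Secret ID, not the secret Value")
    raw = str(sp.get("redirectUri") or "")
    uri = urlsplit(raw)
    if "{" in raw:
        problems.append("redirectUri still contains a {placeholder}")
    elif uri.scheme != "https" or not uri.hostname or uri.path != CALLBACK_PATH:
        # Entra matches redirect URIs exactly, so a trailing slash also fails.
        problems.append(f"redirectUri must be https://<host>{CALLBACK_PATH}")
    dom = urlsplit(str(sp.get("domain") or ""))
    if dom.scheme != "https" or not dom.hostname or dom.path not in ("", "/"):
        problems.append("domain must be the SharePoint root URL over https")
    return problems

# Constructed sample values, not real identifiers or secrets.
GOOD = {"integration": {"sharepoint": {
    "enabled": True,
    "clientId": "11111111-2222-3333-4444-555555555555",
    "clientSecret": "constructed-secret-value",
    "redirectUri": "https://zylon.example.com" + CALLBACK_PATH,
    "domain": "https://contoso.sharepoint.com",
    "tenantId": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee",
}}}
# Same block with three typical mistakes: Secret ID pasted, placeholder left in, tenantId blank.
BAD = {"integration": {"sharepoint": dict(
    GOOD["integration"]["sharepoint"],
    clientSecret="99999999-8888-7777-6666-555555555555",
    redirectUri="https://{your-zylon-instance}.com" + CALLBACK_PATH,
    tenantId="",
)}}

if __name__ == "__main__":
    for name, conf in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, check_sharepoint_config(conf) or "ok")
```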